Glenn Mangham claimed he was an ‘ethical hacker’ who wanted to show how Facebook could improve its security
A student who hacked into Facebook in the “most extensive and grave” case of social media hacking to come before a British court was jailed for eight months on Friday.
Glenn Mangham, 26, admitted infiltrating the website from his bedroom in his parents’ house between April and May last year.
His actions were said to have risked destroying “the whole enterprise” and sparked fears among American authorities of industrial espionage.
Mangham, a software development student from Cornlands Road, York, had previously shown the search engine Yahoo how it could improve its security and said he wanted to do the same for Facebook.
But prosecutor Sandip Patel rejected his claims, saying: “He acted with determination, undoubted ingenuity and it was sophisticated, it was calculating.”
Facebook spent $200,000 (£126,400) dealing with Mangham’s crime, which triggered a “concerted, time-consuming and costly investigation” by the FBI and British law enforcement.
“He said he wanted a mini project and chose Facebook because of its high-profile internet presence,” Patel said.
“The prosecution does not accept that the defendant’s actions were anything other than malicious.”
He told Southwark Crown Court in London how Mangham had “unlawfully accessed and hacked into” Facebook and had stolen “invaluable” intellectual property, downloaded on to an external hard drive.
“This represents the most extensive and grave incident of social media hacking to be brought before the British courts,” Patel said.
Passing sentence, Judge Alistair McCreath told Mangham his actions were not harmless and had “real and very serious potential consequences”, which could have been “utterly disastrous” for Facebook.
“You and others who are tempted to act as you did really must understand how serious this is,” he said.
“The creation of that risk, the extent of that risk and the cost of putting it right mean at the end of it all I’m afraid a prison sentence is inevitable.”
Mangham, a Sherlock Holmes fan described by his lawyer as a “computer nerd”, targeted multiple servers, bypassing Facebook’s security.
As part of his ruse, he hacked into the account of a Facebook employee and through it obtained restricted internal data while the staff member was away on holiday. He later tried to delete the electronic footprints to cover the hacking. The breach was discovered in a routine security review by the website. On 2 June officers from Scotland Yard raided Mangham’s home and arrested him.
Mangham insisted financial gain was not his motive and vowed he was willing to explain to Facebook how he had compromised their servers, the court heard.
Tony Ventham, defending Mangham, said he was an “ethical hacker” who had described himself as a security consultant.
“He saw this as a challenge,” he told the court. “This is someone who in previous times would have thrown everything aside to seek the source of the Nile.
“It was common currency within the community of computer nerds or geeks, if I may refer to him as that, where there was this interesting relationship between companies and people who ethically point out vulnerabilities.”
He had not tried to sell any of the information he obtained or pass it on to anyone else, Ventham said.
He added: “He was in his own world, his own bedroom, his own mind, his own project and certainly his intention throughout was to contact Facebook in due course when he had rectified their problems.”
